Iranian general accuses Siemens of helping U.S., Israel build Stuxnet
Suggests Iran may file charges in international courts
Computerworld - An Iranian military commander Saturday accused the German electronics giant Siemens with helping U.S. and Israeli teams craft the Stuxnet worm that attacked his country's nuclear facilities.
According to the Islamic Republic News Service (IRNA), Iran's state news agency, Brigadier General Gholam Reza Jalali laid some of the blame for Stuxnet on Siemens.
"Siemens should explain why and how it provided the enemies with the information about the codes of the SCADA software and prepared the ground for a cyber attack against us," Jalali told IRNA.
Siemens did not reply to a request for comment on Jalali's accusations.
Jalali heads Iran's Passive Defense Organization, a military unit responsible for constructing and defending the country's nuclear enrichment facilities. He is a former commander in Iran's Revolutionary Guard.
Stuxnet, which first came to light in June 2010 but hit Iranian targets in several waves starting the year before, has been extensively analyzed by security researchers, most notably a three-man team at Symantec, and by Ralph Langner of the German firm Langner Communications GmbH.
According to both Symantec and Langner, Stuxnet was designed to infiltrate Iran's nuclear enrichment program, hide in the Iranian SCADA (supervisory control and data acquisition) control systems that operate its plants, then force gas centrifuge motors to spin at unsafe speeds. Gas centrifuges, which are used to enrich uranium, can fly apart if spun too fast.
Jalali suggested that Iranian officials would pursue Siemens in the courts.
"The Foreign Ministry and other relevant political and judicial organizations should lodge complaints at international courts," said Jalali. "The attacking countries should be held legally responsible for the cyberattack."
He also claimed that Iranian researchers had traced the attack to Israel and the U.S. "The investigations and research showed that the Stuxnet worm had been disseminated from sources in the U.S. and Israel," said Jalali, who added that the worm sent reports of infected systems to computers in Texas.
Jalali's allegations of U.S. and Israeli involvement were the first from an Iranian official, although President Mahmoud Ahmadinejad has repeatedly blamed the two countries for trying to destabilize his government.
In January, the New York Times, citing confidential sources, said that Stuxnet was jointly created by the U.S. and Israel, with the latter using its covert nuclear facility at Dimona to test the worm's effectiveness on centrifuges like the ones Iran employs.
According to the Times, Siemens cooperated in 2008 with the Idaho National Laboratory (INL) to help experts there identify vulnerabilities in the SCADA hardware and software sold by the German firm. The lab -- located about 30 miles east of Idaho Falls, Idaho -- is the U.S. Department of Energy's lead nuclear research facility.
Jalali repeated earlier claims by others in Iran, including Ahmadinejad, that Stuxnet did not cause major damage or disrupt its nuclear enrichment program because researchers discovered the worm and instituted defenses.
"If we were not ready to tackle the crisis and their attack was successful, the attack could have created tragic incidents at the country's industrial sites and refineries," said Jalali.
He suggested that massive casualties could have resulted, and suggested that they might have been on the scale of the Bhopal, India disaster, where in 1984 a Union Carbide pesticide plant released chemicals that killed between 4,000 and 8,000 people.
Symantec, however, has said that Stuxnet was very successful. In a February update to its research on the worm, Symantec said the first attacks in June 2009 infected Iranian computers just 12 hours after the worm was compiled. The average time between compilation and infection was 19 days for the 10 successful attacks Symantec monitored over an 11-month span.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
- Evan Schuman: Resurrection of Full Disclosure mailing list is great news, if you're not a cyberthief
- Cyberattacks could paralyze U.S., former defense chief warns
- Syrian Electronic Army shanghais Microsoft's Twitter account, blog
- Is French outrage against U.S. spying misplaced?
- Lawmakers seek answers on Obamacare Data Hub security
- China-based hacking group behind hundreds of attacks on U.S. companies
- How to Prepare for a Potential Syrian Counterattack on the U.S. Power Grid
- New York Times site outage caused by attack on domain registrar, company says
- Cyber drills like Quantum Dawn 2 vital to security in financial sector
- Quantum Dawn 2 will test Wall Street's cyber readiness
Read more about Security in Computerworld's Security Topic Center.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts